<?php
$sanitize_all_escapes = true;
$fake_register_globals = false;
require_once("globals.php");
include_once("$srcdir/sql.inc");

$search = $_REQUEST['q'];
$query = "SELECT * FROM `procedure_type` WHERE name like '%" . $search . "%' or procedure_code like '%" . $search . "%' order by name asc";
$data = query_paciente($query);

//$result = "Maria|1\n";

//echo $query;

if (is_array($data)) {
    foreach ($data as $valor) {
        $val1 = $valor["name"] . " (" . $valor["procedure_code"].")";
        $val2 = $valor["procedure_type_id"];
        $result .= $val1 . "|" . $val2 . "\n";
    }
}
echo str_replace(",]", "]", $result);

function query_paciente($query) {
    ob_start();
    $res = sqlStatement($query);
    if ($res) {
        for ($iter = 0; $row = sqlFetchArray($res); $iter++) {
            $all[$iter] = $row;
        }
    }
    $v = ob_get_clean();
    return $all;
}

?>